| To: | miika@xxxxxx |
|---|---|
| Subject: | Re: [Infrahip] [PATCH] Host Identity Protocol |
| From: | YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@xxxxxxxxxxxxxx> |
| Date: | Wed, 23 Mar 2005 02:57:01 +0900 (JST) |
| Cc: | davem@xxxxxxxxxxxxx, gurtov@xxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, infrahip@xxxxxxx, yoshfuji@xxxxxxxxxxxxxx |
| In-reply-to: | <Pine.GSO.4.58.0503221531020.19531@kekkonen.cs.hut.fi> |
| Organization: | USAGI Project |
| References: | <20050321.024241.67451836.yoshfuji@linux-ipv6.org> <20050320200356.5f8fa583.davem@davemloft.net> <Pine.GSO.4.58.0503221531020.19531@kekkonen.cs.hut.fi> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
In article <Pine.GSO.4.58.0503221531020.19531@xxxxxxxxxxxxxxxxxx> (at Tue, 22 Mar 2005 16:08:31 +0200 (EET)), Miika Komu <miika@xxxxxx> says: > will have to get back to you later with some figures. If the results show > that an userspace implementation is superior to a kernel based approach in > terms of security or performance, we may have rewrite the code to the And, IMHO, the most important argument is, probably, in terms of simplicity and universality of kernel part. e.g. MIP6 uses XFRM / stackable destination architecture as its fundamental infrastructure. They (simplicity and universality) are unlikely measurable, though. > justify the reasons by analyzing and measuring. In addition, security > issues (DoS protection, user supplied public keys, etc) are taken pretty > seriously in HIP and may benefit from a kernel oriented approach. I belive that we can find solutions to solve these issues (if any). --yoshfuji |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [Infrahip] [PATCH] Host Identity Protocol, David S. Miller |
|---|---|
| Next by Date: | Re: [IPSEC] Too many SADs!, Michael Richardson |
| Previous by Thread: | Re: [Infrahip] [PATCH] Host Identity Protocol, David S. Miller |
| Next by Thread: | ipv6 unresolved symbol, Meelis Roos |
| Indexes: | [Date] [Thread] [Top] [All Lists] |